Spring Security: Custom Authentication Provider -

-



i have developed application spring mvc high user traffic. suppose there least 20,000 concurrent user. have implemented spring security custom authentication provider in 2 ways.
1st 1 :

@override public authentication authenticate(authentication authentication) throws authenticationexception {      string username = authentication.getname();     string password = authentication.getcredentials().tostring();     customuser user = _userdetailservice.loaduserbyusername(username);     if (user == null || !user.getusername().equalsignorecase(username)) {         throw new badcredentialsexception("username not found.");     }     if (!bcrypt.checkpw(password, user.getpassword())) {         throw new badcredentialsexception("wrong password.");     }     collection < ? extends grantedauthority > authorities = user.getauthorities();     return new usernamepasswordauthenticationtoken(user, password, authorities); }

2nd 1 is:

@override public authentication authenticate(authentication authentication) throws authenticationexception {   try {     authentication auth = super.authenticate(authentication);     //if reach here, means login success, else exception thrown     //reset user_attempts     return auth;    } catch (badcredentialsexception e) {     //invalid login, update user_attempts     throw e;   } }

now question whice implementation give me faster output?

as pointed out afridi, 1st version daoauthenticationprovider supposed do. discourage re-implementing functionality, since might example introduce new security relevant errors.

if need custom authentication method, there no way around custom authentication method of course. in order measure performance of implementation in general or versus standard implementation, should define test scenario (e.g. 20000 dummy authentications homlis83 suggested) , run program in profiler. how how time spent in authentication method , part takes time.

i think popular java profiler visualvm , depending on ide there might plugin further simplifies use. there lot of tutorials java profiling out there, definitvely way go reliable data performance.





wiki

Comments

Post a Comment

Popular posts from this blog

Asterisk AGI Python Script to Dialplan does not work -

-
i'm stuck project have check database of sip extension incoming caller id , dial sip extension. below receive when run script on asterisk cli. -- registered sip '9125' @ 192.168.1.102:50142 > saved useragent "zoiper rv2.8.40" peer 9125 [2017-08-22 13:53:33] notice[5095]: chan_sip.c:24558 handle_response_peerpoke: peer '9125' reachable. (17ms / 2000ms) == using sip rtp tos bits 184 == using sip rtp cos mark 5 -- executing [0112617769@from-trunk:1] answer("sip/obitrunk1-0000000d", "") in new stack > 0x1ca50d0 -- probation passed - setting rtp source address 192.168.1.98:16834 -- executing [0112617769@from-trunk:2] agi("sip/obitrunk1-0000000d", "test.py") in new stack -- launched agi script /var/lib/asterisk/agi-bin/test.py args: ['/var/lib/asterisk/agi-bin/test.py'] env line: agi_request: test.py env line: agi_channel: sip/obitrunk1-0000000d env line: agi_language: en env line: a
Read more

python - Read npy file directly from S3 StreamingBody -

-
i have many .npy (numpy) , .json files saved in s3, need download , load these files. for json files downloading files , loading dictionary using following code: obj = s3.object(bucket, key) response = obj.get() body = response['body'].read().decode('utf-8') data = json.loads(body) that way avoid writing .json file disk , reading it. now want same .npy files, equivalent? currently downloading file, saving temp file on disk , loading np.load avoid if possible. following https://stackoverflow.com/a/28196540/3509999 : obj = s3.object(bucket, key) io.bytesio(obj.get()["body"].read()) f: # rewind file f.seek(0) arr = np.load(f) wiki
Read more

kotlin - Out-projected type in generic interface prohibits the use of metod with generic parameter -

-
i start using kotlin , defined interface this: interface aadapter<vh : recyclerview.viewholder> { fun oncreateaviewholder(parent: viewgroup): vh fun onbindaviewholder(v: vh, position: int) } and when try use on code: class klasa ( private val adapter: aadapter<*> ) { fun dosth(){ //... val vh = this.adapter.oncreateaviewholder(parent) //on below line error adapter.onbindaviewholder(v, position) //... } } i error out-projected type 'aadapter<*>' prohibits use of 'public abstract fun onbindaviewholder(v: t, position: int): unit i tied add "in" or "out" definition i'm confused. how allow it. replace aadapter<*> aadapter<recyclerview.viewholder> . class klasa ( private val adapter: aadapter<recyclerview.viewholder> ) { // ... because have declared aadapter has type parameter vh type subclass of recyclerview.
Read more